Error creating new authz :: Too many invalid authorizations recently.

[p3k]

I assume this is related to the “Let’s Encrypt” service, but I am not sure what I could do about it.

Cloning by dat clone dat://164b03… works fine.

My current dathttpd.yml config:

ports:
  http: 9088
  https: 9443
directory: ~/.dathttpd
letsencrypt:
  email: 'interface@p3k.org'
  agreeTos: true
sites:
  dat.p3k.org:
    url: dat://163b03e6b1ea4562f88e828c4f3b1405c0d5cb147392a9c7148c4ec7330e11f8
    datOnly: true

Here is the output of a session on the server when I try to call https://dat.p3k.org:9443 with the Beaker browser:

→ dathttpd
Serving from /root/.dathttpd
Serving dat.p3k.org dat://163b03e6b1ea4562f88e828c4f3b1405c0d5cb147392a9c7148c4ec7330e11f8
le.challenges[tls-sni-01].loopback should be defined as function (opts, domain, token, cb) { ... } and should prove (by external means) that the ACME server challenge 'tls-sni-01' will succeed
Handling ACME challenges and redirecting to https on plain port 9088
Handling ACME challenges and serving https 9443
TODO: modules which depend on this module should expose this error properly but since some of them don't, I expose it here directly:
Error: [Error] letiny-core: not 200 ok
    at bodyToError (/usr/lib/node_modules/dathttpd/node_modules/le-acme-core/lib/get-certificate.js:55:15)
    at /usr/lib/node_modules/dathttpd/node_modules/le-acme-core/lib/get-certificate.js:99:20
    at Request._callback (/usr/lib/node_modules/dathttpd/node_modules/le-acme-core/lib/acme-client.js:113:7)
    at Request.self.callback (/usr/lib/node_modules/dathttpd/node_modules/request/request.js:186:22)
    at emitTwo (events.js:106:13)
    at Request.emit (events.js:191:7)
    at Request.<anonymous> (/usr/lib/node_modules/dathttpd/node_modules/request/request.js:1163:10)
    at emitOne (events.js:96:13)
    at Request.emit (events.js:188:7)
    at IncomingMessage.<anonymous> (/usr/lib/node_modules/dathttpd/node_modules/request/request.js:1085:12)
    at IncomingMessage.g (events.js:292:16)
    at emitNone (events.js:91:20)
    at IncomingMessage.emit (events.js:185:7)
    at endReadableNT (_stream_readable.js:974:12)
    at _combinedTickCallback (internal/process/next_tick.js:80:11)
    at process._tickCallback (internal/process/next_tick.js:104:9)
{ type: 'urn:acme:error:rateLimited',
  detail: 'Error creating new authz :: Too many invalid authorizations recently.',
  status: 429 }

[pfrazee]

I haven't tried using dathttpd on a non-standard port, so that may be the source of your problem.

[pfrazee]

Can you try running it on 443? (You might need to wait a bit for the rate limit to reset.)

[p3k]

hi @pfrazee thanks for your reply. i could test if it works on a local machine; on the production machine port 443 is already assigned… is there a sound reason to believe the custom port is the culprit?

[pfrazee]

It's my first guess but I can't say for sure. The letsencrypt node module is really finicky.

I've got an improvement to the letsencrypt code sitting in master - not yet published because there's another feature in master that still needs testing. You might try building from code to see if the new version is better.

[pfrazee]

We've released some new versions that fixed issues with lets-encrypt. You might give it another go now.

[p3k]

sorry for the late reply, @pfrazee – i updated dathttpd to 3.2.2 but the issue still persists.